Blogroll

Meta

my free software blog

I wanted to let you know that I just published an article covering the shortcomings of SMTP, the current email infrastructure and how some fixes to problems of SMTP, like SPF and DKIM, are not a real solution.

It has been a whole year since I last blogged but I was just too busy with other things.

However, I just heard of the upcoming BarCamp Senza Confini 2008 which is going to take place in Klagenfurt, Austria on 2. and 3. February and wanted to let you know.

Some of you might know that I did come up with the idea of doing a multi-national Free Software conference a while back. It was intended to attract not only people from Austria, but also from Slovenia and Italy. As the BarCamp Senza Confini 2008 is also about having a multi-national conference I believe it would be also a great opportunity for Free Software advocates from the region to meet and have a good time.

Even though I do not know if I’ll be able to make it there yet I would love to see the Free Software community meet there.

I have just uploaded a file containing information on a proposed project, FreeAlternatives.

To give you a short primer, the project is about creating a database containing information on FreeSoftware packages which can replace proprietary software. The proposal contains information on how the database could be built, kept up-to-date and extended by the community instead of a small group and still contain valid and approved data.

The proposal is written in plain-text and can be downloaded from here.

Discussion should take place on discussion__at__fsfeurope.org, but you are also welcome to leave your comments here or drop me an email at sp__at__fsfe.org.

As LWN.net is reporting today [0], there is an ongoing discussion on the LKLM [1] about banning ‘binary-only’ Linux modules.

The real problems are not caused by ‘binary-only’ modules, but GPL-incompatible code being linked against GPL’ed code. From my understanding this does violate the GPL as linking A, a GPL licensed program, against B, which is licensed under a proprietary non-free license, does create a deriative work of A.

However, the suggested banning of proprietary and GPL-incompatible modules from being linked is a step forward.It clearly would help stopping hardware vendors from ‘tricking’ users into violating the GPL by making them link proprietary modules against GPL’ed code themselves.

After all, I really like to see this happening now and hope that the Linux developers are finally going to stop others from violating kernel’s license.

Hi to all of you reading my blog.It’s been a while now since I last blogged, so this is going to be a long post containing a lot of things that happened.

Let’s start with one of the most important ones for myself. My idea of having an international Fellow meeting has been ‘accepted’ by you, and especially Stefano. I’m more than only pleased by the fact that one of my ideas has finally made it to a stage where it became reality. I’m really looking forward to that meeting on 11th Novembre in Bolzano/Italy and hope to see a lot of you guys there.

Okay, let’s head on to the next topic. I finally found a GNU project I can participate in and do something good(tm). I’m currently undergoing training over at GNU Savannah and am looking forward to eventually become a GNU Savannah hacker sometime. This project might be interesting for some of you aswell, as doing project submissions has a lot to do with advocacy and spreading the word. Oh, and it’s great fun.

Another thing that has happened is that I finally got rid of my Plone/Zope based homepage. Plone is a nice webpage system, but it’s way too ressource intensive. I’ve now gone back to the roots and my webserver is now serving a static ‘plain-HTML’ page. No CSS, no JavaScript, no ‘fancy’ design, just pure text and information.

Last but not least I’d like to extend my call-to-arms to this blog. I’ve been working on a project lately that should eventually, at some point, have a Free Software malware analyzation/sandboxing tool as outcome. The project is called penalyze2 and works with PE (Windows) executables. What it basically does is emulation of an x86 CPU and a Windows enviroment. This way malicious code can be analyzed without actually infecting a machine. Why I’m writing about a ‘call-to-arms’ is, that I’m still in need of people interested in working on that project. Its current state is that a proof-of-concept works, as in emulating/analyzing a simple helloworld application. The project, code and some more information can be found at penalyze2′s GNU Savannah project page. If you are intersted in this topic go ahead and have a look at the project page (and maybe the todo list as well ).

It has been a while since I last wrote a blog entry and I now finally found some time again to do so.

As some of you might (or might not) know I’ve been on a trip to Dublin with my school class last week. What we did there was basically having some fun and enjoying the Irish culture and of course the city itself.

I had a great time there and a few things are worth noting.The first thing I’d like to note is the fact that when I went to the surfing station in my hostel I immediatly noticed that it was running GNU/Linux, some kind of kiosk software and Mozilla Firefox. That was pretty much the first impression I got from Dublin on a technical point of view – very impressive.

There’s another thing I really need to blog about. As reinhard suggested to me before I left Austria I contacted the IFSO while I was in Dublin and also met up with a few people.We had a great evening in a bar which seems to be quite famous (and indeed is quite nice aswell) called Messrs Maguire.The most important thing though is that I had a great time that evening. I really enjoyed the talks we had and I’ve really been given a warm welcome and of course once again noticed the well-known Irish hospitality.

I can really suggest everyone spending a few days in Dublin to contact these guys and try to arrange a meeting as it has been a great experience to me.I’d not only like to thank everyone who was there but especially Glenn Strong who seems to have arranged everything that evening.Another thing I’m somehow proud of is that I’m now owner of an IFSO t-shirt.

If anyone who has been there is reading this and you plans to visit Austria sometime, don’t forget to give me a shout about it, as I told you. I would probably be able to either meet with you personally or arrange something.

So, the short version: Thanks guys for a great evening which was real fun and the nice, interesting talks we had. That evening was the best one I’ve had in Dublin, honestly.

As you can read in a /. article [0], the U.S. government has "‘filed a motion on Saturday to intervene and seek dismissal of a lawsuit [1] by a civil liberties group against AT&T Inc. over a federal program to monitor U.S. communications."

Now that’s scary. It pretty much seems like the U.S. are finally turning into a police state dismissing legal actions taken by groups that are aware of the constant loss of freedom and are trying to change that.As I’m shocked I can hardly comment on that topic really, but I do have a strong feeling to inform others about it. So please go and read about it yourself.

The title already suggests that the article is not closely related to Free Software, but I guess a lot of you are interested in reading an article pointing out why there is a flaw in the proposed law and that it could seriously harm european ISPs (and especially mail service providers) in the long term.

The whole article is due to the lack of relation to Free Software hosted on my personal homepage and a here is the link.

I just finished setting up my fellowship cryptocard for ssh authentication.

Here I want to let you know what seems to have changed since Georg Greve gave an update on that topic the last time.

Debian knows about gpg2. gpg2 (and gpg-agent) can be installed on Debian testing and unstable as ‘gnupg2‘ and ‘gnupg-agent‘ in version 1.9.20 (There is also a version for stable but I doubt that one is recent enough, that would be gnupg2 version 1.9.15). Both are working fine with the card.

gpg2 however tries to find the pcsc-wrapper program in /usr/lib/gnupg. The program is installed to /usr/lib/gnupg2 though – a symlink fixes that problem.

There seems to be one problem though. Once the agent is running gpg2 cannot access the card anymore at all and gpg1 cannot use it for signing anymore, gpg –card-status seems to work though.The latter one is quite straight-forward: gpg1 cannot use gpg-agent, it’s still a feature of gpg2.The other thing worries me though: gpg2 should know how to use the agent to gather information on the card that’s being used by the agent right now.

I’ll check if I can find any bug reports or possibly a fixed bug related to this tomorrow. If I don’t succeed in doing that I guess I’ll have to fix the ‘bug’ myself.